feat(advisor): Add BlackDuck as advisor #18388
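# Static-analysis checks for pull requests against `main` and pushes to `main`.
#
# Supply-chain notes:
# - Every third-party action is pinned to a full commit SHA. The trailing
#   `# vN` comment is informational only, so re-check the SHA against the
#   upstream tag whenever a pin is bumped.
# - NOTE(review): there is no workflow-level `permissions:` block, so jobs that
#   do not declare their own get the repository's default GITHUB_TOKEN scopes.
#   Consider a least-privilege default (e.g. `contents: read`) after confirming
#   what each action needs.
# - NOTE(review): only the jobs that run unpinned, registry-fetched tooling set
#   `persist-credentials: false` on checkout. The other checkouts probably can
#   too; confirm that none of their later steps needs Git authentication.
name: Static Analysis

on:
  # `pull_request` (not `pull_request_target`): by default GitHub gives pull
  # requests from forks a read-only token and no repository secrets.
  pull_request:
    branches:
      - main
  push:
    branches:
      - main

env:
  # Disable the Gradle daemon for every Gradle invocation in this workflow.
  GRADLE_OPTS: -Dorg.gradle.daemon=false

jobs:
  # Lint commit messages against the repository's commitlint configuration.
  commit-lint:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
        with:
          # Full history; presumably so every commit in the range can be linted.
          fetch-depth: 0
      - name: Check Commit Messages
        uses: wagoid/commitlint-github-action@0184f5a228ee06430bb9e67d65f73a1a6767496a  # v6
        with:
          configFile: .commitlintrc.yml

  # Repository hygiene checks implemented as Gradle tasks.
  code-base-checks:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6  # v4
      - name: Check copyrights, license headers, and .gitattributes
        run: ./gradlew checkCopyrightsInNoticeFile checkLicenseHeaders checkGitAttributes

  # Regenerate the shell completion scripts and fail if the committed copies
  # differ from the regenerated ones.
  completions:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
      - name: Setup Java
        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b  # v4
        with:
          distribution: temurin
          # Quoted so the version always reaches the action as a string.
          java-version: '21'
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6  # v4
      - name: Generate completions
        run: |
          ./scripts/generate_completion_scripts.sh
      - name: Check if completions are up-to-date
        # `git diff --exit-code` exits non-zero when the working tree differs
        # from the index, i.e. when the script changed a tracked file.
        run: |
          if git diff --exit-code; then
            echo "Completions are up-to-date."
          else
            echo "Completions are not up-to-date."
            echo "Please always run the script below when changing CLI commands:"
            echo "./scripts/generate_completion_scripts.sh"
            exit 1
          fi

  # Run Detekt and publish its findings to code scanning.
  detekt-issues:
    runs-on: ubuntu-24.04
    # A job-level `permissions:` block replaces the default token scopes:
    # every scope not listed here is set to `none` for this job.
    permissions:
      # Needed for SARIF scanning upload.
      security-events: write
    steps:
      - name: Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6  # v4
      - name: Check for Detekt Issues
        run: ./gradlew detektAll
      - name: Upload SARIF File
        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169  # v3
        if: always()  # Upload even if the previous step failed.
        with:
          sarif_file: build/reports/detekt/merged.sarif

  # Check links in the repository's Markdown files.
  # NOTE(review): this is the only job on ubuntu-22.04; confirm that the older
  # runner image is deliberate.
  markdown-links:
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
      - name: Check Links
        uses: umbrelladocs/action-linkspector@fc382e19892aca958e189954912fe379a8df270c  # v1
        with:
          fail_on_error: true

  # Lint Markdown files with markdownlint-cli2 plus one extra rule package.
  markdownlint:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
        with:
          fetch-depth: 0
          # Keep the job token out of .git/config: the steps below execute
          # tooling fetched from the npm registry at run time and need no Git
          # authentication.
          persist-credentials: false
      - name: Setup Node
        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af  # v4
      - name: Check for Markdown issues
        # NOTE(review): the rule package is pinned to 0.0.2, but
        # `npx markdownlint-cli2` carries no version here, so it can resolve to
        # whatever release the registry serves at run time (unless it is pinned
        # elsewhere in the repository, which is not visible from this file).
        # Consider `npx markdownlint-cli2@<PINNED_VERSION>`.
        run: |
          npm install -g markdownlint-rule-max-one-sentence-per-line@0.0.2
          npx markdownlint-cli2

  # Run a Qodana scan on pull requests and publish the results to code scanning.
  qodana-scan:
    if: ${{ github.event_name == 'pull_request' }}
    runs-on: ubuntu-24.04
    # Job-level block: only the scope listed here is granted to this job.
    permissions:
      # Needed for SARIF scanning upload.
      security-events: write
    steps:
      - name: Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
        with:
          fetch-depth: 0
      - name: Qodana Scan
        uses: JetBrains/qodana-action@b60a4b9259f448dd00f2ca4763db5677d69ba868  # v2024.3.4
        with:
          post-pr-comment: false
          use-caches: false
      # NOTE(review): unlike the Detekt upload, this step has no `if: always()`,
      # so nothing is uploaded when the scan step fails; confirm that is
      # intended.
      - name: Upload Code Scanning Results
        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169  # v3
        with:
          sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json

  # Check REUSE licensing compliance of the repository.
  reuse-tool:
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4
        with:
          # Keep the job token out of .git/config: the step below installs and
          # runs a package from the Python package index and needs no Git
          # authentication.
          persist-credentials: false
      - name: Check REUSE Compliance
        # NOTE(review): `pipx install reuse` is unpinned, so each run installs
        # whatever release is current. Consider
        # `pipx install reuse==<PINNED_VERSION>` for reproducible runs.
        run: |
          pipx install reuse
          reuse lint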